From 8cab12aa2bd0bd1de03a377b37cd42faae64b0e1 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Wed, 29 May 2013 19:26:47 +0000 Subject: [PATCH] Fixes for various bugs (e.g.: 'secret file could not be read', SQL error and more) --- inc/config-functions.php | 30 ++++++++++++--------- inc/extensions/bonus/mode-update.php | 10 +++---- inc/filters.php | 23 ++++++++++------ inc/install/install_page_3.php | 6 ++--- inc/libs/bonus_functions.php | 24 ++++++++--------- inc/libs/maintenance_functions.php | 2 +- inc/libs/surfbar_functions.php | 2 +- inc/libs/task_functions.php | 16 ++++++----- inc/modules/admin/admin-inc.php | 24 ++++++++--------- inc/wrapper-functions.php | 28 +++++++++---------- install/tables.sql | 2 +- templates/de/html/install/install_page5.tpl | 2 +- 12 files changed, 93 insertions(+), 76 deletions(-) diff --git a/inc/config-functions.php b/inc/config-functions.php index 7b398bc93e..03ad13e7ac 100644 --- a/inc/config-functions.php +++ b/inc/config-functions.php @@ -305,7 +305,7 @@ function updateConfiguration ($entries, $values, $updateMode = '', $config = '0' // Update mode set? if (!empty($updateMode)) { // Update entry - $SQL .= sprintf("`%s`=`%s`%s%s,", $entry, $entry, $updateMode, (float) $values[$idx]); + $SQL .= sprintf("`%s`=`%s`%s%01.5f,", $entry, $entry, $updateMode, (float) $values[$idx]); } else { // Check if string or number but no array if (is_array($values[$idx])) { @@ -313,6 +313,7 @@ function updateConfiguration ($entries, $values, $updateMode = '', $config = '0' reportBug(__FUNCTION__, __LINE__, 'values[' . $idx . '] should not be an array! Content=
'.print_r($values[$idx], TRUE).'
'); } elseif ($values[$idx] == 'UNIX_TIMESTAMP()') { // Function UNIX_TIMESTAMP() detected + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Function UNIX_TIMESAMP() detected: entry=' . $entry); $SQL .= sprintf('`%s`=UNIX_TIMESTAMP(),', $entry); // Set timestamp in array as well @@ -326,15 +327,17 @@ function updateConfiguration ($entries, $values, $updateMode = '', $config = '0' // Update mode set // @TODO Call setConfigEntry() somehow - $SQL .= $entries = sprintf('`%s`=`%s`%s%s', $entry, $entry, $updateMode, (float) $values[$idx]); + $SQL .= $entries = sprintf('`%s`=`%s`%s%01.5f', $entry, $entry, $updateMode, (float) $values[$idx]); } elseif (($values[$idx] + 0) === $values[$idx]) { // Number detected - $SQL .= sprintf('`%s`=%s,', $entry, (float) $values[$idx]); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Number detected: entry=' . $entry . ',values[' . $idx . '/' . gettype($values[$idx]) . ']=' . $values[$idx]); + $SQL .= sprintf('`%s`=%01.5f,', $entry, (float) $values[$idx]); // Set it in config as well setConfigEntry($entry, $values[$idx]); } else { // String detected + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Regular value detected: entry=' . $entry . ',values[' . $idx . '/' . gettype($values[$idx]) . ']=' . $values[$idx]); $SQL .= sprintf("`%s`='%s',", $entry, sqlEscapeString($values[$idx])); // Set it in config as well @@ -354,21 +357,24 @@ function updateConfiguration ($entries, $values, $updateMode = '', $config = '0' // Update mode set // @TODO Call setConfigEntry() somehow - $SQL = sprintf('`%s`=`%s`%s%s', $entries, $entries, $updateMode, (float) $values); - } elseif (($values + 0) === $values) { - // Number detected - $SQL = sprintf('`%s`=%s', $entries, (float) $values); - - // Set it in config first - setConfigEntry($entries, (float) $values); + $SQL = sprintf('`%s`=`%s`%s%01.5f', $entries, $entries, $updateMode, (float) $values); } elseif ($values == 'UNIX_TIMESTAMP()') { // Function UNIX_TIMESTAMP() detected + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Function UNIX_TIMESAMP() detected: entries=' . $entries); $SQL = sprintf('`%s`=UNIX_TIMESTAMP()', $entries); // Set timestamp in array as well setConfigEntry($entries, time()); + } elseif (($values + 0) === $values) { + // Number detected + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Number detected: entries=' . $entries . ',values[' . gettype($values) . ']=' . $values); + $SQL = sprintf('`%s`=%01.5f', $entries, (float) $values); + + // Set it in config first + setConfigEntry($entries, (float) $values); } else { // Regular entry to update + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Regular value detected: entries=' . $entries . ',values[' . gettype($values) . ']=' . $values); $SQL = sprintf("`%s`='%s'", $entries, sqlEscapeString($values)); // Set it in config as well @@ -377,7 +383,7 @@ function updateConfiguration ($entries, $values, $updateMode = '', $config = '0' // Run database update //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SQL=' . $SQL); - sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_config` SET " . $SQL . " WHERE `config`=%s LIMIT 1", + sqlQueryEscaped('UPDATE `{?_MYSQL_PREFIX?}_config` SET ' . $SQL . ' WHERE `config`=%s LIMIT 1', array(bigintval($config)), __FUNCTION__, __LINE__); //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SQL=' . $SQL . ',affectedRows=' . sqlAffectedRows()); @@ -407,7 +413,7 @@ function FILTER_LOAD_CONFIGURATION ($no = '0') { incrementStatsEntry('cache_hits'); } elseif ((!isExtensionActive('cache')) || (!isset($GLOBALS['cache_array']['config'][$no]))) { // Load config from DB - $result_config = sqlQueryEscaped("SELECT * FROM `{?_MYSQL_PREFIX?}_config` WHERE `config`='%s' LIMIT 1", + $result_config = sqlQueryEscaped('SELECT * FROM `{?_MYSQL_PREFIX?}_config` WHERE `config`=%s LIMIT 1', array(bigintval($no)), __FUNCTION__, __LINE__); // Is the config there? diff --git a/inc/extensions/bonus/mode-update.php b/inc/extensions/bonus/mode-update.php index 81a836c17a..28985fb106 100644 --- a/inc/extensions/bonus/mode-update.php +++ b/inc/extensions/bonus/mode-update.php @@ -372,11 +372,11 @@ ORDER BY break; case '0.6.9': // SQL queries for v0.6.9 - addConfigAddSql('bonus_order_yn', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); - addConfigAddSql('bonus_ref_yn', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); - addConfigAddSql('bonus_stats_yn', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); - addConfigAddSql('bonus_login_yn', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); - addConfigAddSql('bonus_click_yn', "ENUM('Y','N') NOT NULL DEFAULT 'Y'"); + addConfigAddSql('include_bonus_order', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); + addConfigAddSql('include_bonus_ref', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); + addConfigAddSql('include_bonus_stats', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); + addConfigAddSql('include_bonus_login', "ENUM('Y','N') NOT NULL DEFAULT 'N'"); + addConfigAddSql('include_bonus_click', "ENUM('Y','N') NOT NULL DEFAULT 'Y'"); // Update notes (these will be set as task text!) setExtensionUpdateNotes("Es können nun auch die folgenden Vergütungen bei der Auswertung der monatlichen Aktiv-Rallye mit berücksichtigt werden: Mailbestätigung (war vorher schon), Login-, Mailbuchung, Referral und Statistik-Bonus (100% Klickrate erreicht)."); diff --git a/inc/filters.php b/inc/filters.php index e20d718216..ceaf0e0ac9 100644 --- a/inc/filters.php +++ b/inc/filters.php @@ -1302,27 +1302,34 @@ function FILTER_ADD_HISTORY_ENTRY ($filterData) { // Filter for initializing ext-sql_patches function FILTER_GENERATE_FILE_SECRET_HASH ($filterData) { - // Transfer POINTS word - if (isExtensionInstalledAndNewer('sql_patches', '0.0.3')) { - // Okay, recent enough, so transfer the word for POINTS - setConfigEntry('POINTS', getPointsWord()); + // Is ext-sql_patches installed and transfer POINTS word? + if ((!isExtensionInstalled('sql_patches')) || (!isExtensionInstalledAndNewer('sql_patches', '0.9.0'))) { + // Extension ext-sql_patches is missing, so better abort here + return; } // END - if + // Okay, recent enough, so transfer the word for POINTS + setConfigEntry('POINTS', getPointsWord()); + // Init key setConfigEntry('secret_key', ''); - // File hash fas generated so we can also file the secret file... hopefully. + // File hash was generated so we can also file the secret file... hopefully. $hashFile = sprintf('%s%s.%s.cache', getPath(), getCachePath(), getFileHash()); // Read key from secret file if ((getFileHash() == '') || (getMasterSalt() == '') || (getPassScramble() == '') || (!isFileReadable($hashFile))) { // Maybe need setup of secret key! loadIncludeOnce('inc/gen_sql_patches.php'); + + // Generate file name again + $hashFile = sprintf('%s%s.%s.cache', getPath(), getCachePath(), getFileHash()); } // END - if // Test again if ((getFileHash() != '') && (getMasterSalt() != '') && (getPassScramble() != '')) { // Is the secret key file readable? + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'hashFile=' . $hashFile); if (isFileReadable($hashFile)) { // Read file setConfigEntry('secret_key', readFromFile($hashFile)); @@ -1365,7 +1372,7 @@ function FILTER_HANDLE_REFERRER_BANNER_CLICK ($filterData) { // Check required parameters if ((isGetRequestElementSet('user')) && (isGetRequestElementSet('banner'))) { // Update clicks counter... - sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_refbanner` SET `clicks`=`clicks`+1 WHERE `id`=%s LIMIT 1", + sqlQueryEscaped('UPDATE `{?_MYSQL_PREFIX?}_refbanner` SET `clicks`=`clicks`+1 WHERE `id`=%s LIMIT 1', array(bigintval(getRequestElement('banner'))), __FUNCTION__, __LINE__); // A line has been updated? @@ -1384,7 +1391,7 @@ function FILTER_HANDLE_REFERRER_BANNER_VIEW ($filterData) { // Are all required parameters set if ((isGetRequestElementSet('user')) && (isGetRequestElementSet('banner'))) { // For later things... ;-) - $result = sqlQueryEscaped("SELECT `url` FROM `{?_MYSQL_PREFIX?}_refbanner` WHERE `id`=%s LIMIT 1", + $result = sqlQueryEscaped('SELECT `url` FROM `{?_MYSQL_PREFIX?}_refbanner` WHERE `id`=%s LIMIT 1', array(bigintval(getRequestElement('banner'))), __FUNCTION__, __LINE__); // Is there the banner? @@ -1393,7 +1400,7 @@ function FILTER_HANDLE_REFERRER_BANNER_VIEW ($filterData) { $data = sqlFetchArray($result); // Update counter - sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_refbanner` SET `counter`=`counter`+1 WHERE `id`=%s LIMIT 1", + sqlQueryEscaped('UPDATE `{?_MYSQL_PREFIX?}_refbanner` SET `counter`=`counter`+1 WHERE `id`=%s LIMIT 1', array(bigintval(getRequestElement('banner'))), __FUNCTION__, __LINE__); // Set header and ... diff --git a/inc/install/install_page_3.php b/inc/install/install_page_3.php index 57256a328d..7a985dab61 100644 --- a/inc/install/install_page_3.php +++ b/inc/install/install_page_3.php @@ -56,9 +56,9 @@ $smtpPass2 = '{?SMTP_PASSWORD?}'; // Overwrite it with the data from sent (failed) form if (isPostRequestElementSet('smtp_host')) $smtpHost = postRequestElement('smtp_host'); if (isPostRequestElementSet('smtp_user')) $smtpUser = postRequestElement('smtp_user'); -if (isPostRequestElementSet('smtp_pass')) { - $smtpPass1 = postRequestElement('smtp_pass'); - $smtpPass2 = postRequestElement('smtp_pass'); +if (isPostRequestElementSet('smtp_password')) { + $smtpPass1 = postRequestElement('smtp_password'); + $smtpPass2 = postRequestElement('smtp_password'); } // END - if // Database login data diff --git a/inc/libs/bonus_functions.php b/inc/libs/bonus_functions.php index f18d919011..5a5f7f1e8a 100644 --- a/inc/libs/bonus_functions.php +++ b/inc/libs/bonus_functions.php @@ -289,25 +289,25 @@ function purgeExpiredTurboBonus () { // Determines whether the "bonus rallye" is active function isBonusRallyeActive () { // Is there cache? - if (!isset($GLOBALS['bonus_rallye_active'])) { + if (!isset($GLOBALS[__FUNCTION__])) { // Just determine it - $GLOBALS['bonus_rallye_active'] = (getBonusActive() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isExtensionInstalledAndNewer('bonus', '0.4.4')) && (isConfigEntrySet('bonus_active')) && (getBonusActive() == 'Y')); } // END - if // Return cache - return $GLOBALS['bonus_rallye_active']; + return $GLOBALS[__FUNCTION__]; } // Determines whether the "bonus new_member_notify" is active function isBonusNewMemberNotifyEnabled () { // Is there cache? - if (!isset($GLOBALS['bonus_new_member_notify_active'])) { + if (!isset($GLOBALS[__FUNCTION__])) { // Just determine it - $GLOBALS['bonus_new_member_notify_active'] = (getBonusNewMemberNotify() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isExtensionInstalledAndNewer('bonus', '0.7.7')) && (isConfigEntrySet('bonus_new_member_notify')) && (getBonusNewMemberNotify() == 'Y')); } // END - if // Return cache - return $GLOBALS['bonus_new_member_notify_active']; + return $GLOBALS[__FUNCTION__]; } // Getter for bonus_timeout @@ -555,7 +555,7 @@ function isIncludeBonusClickEnabled () { // Is there cache? if (!isset($GLOBALS[__FUNCTION__])) { // Determine it - $GLOBALS[__FUNCTION__] = (getIncludeBonusClick() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isConfigEntrySet('include_bonus_click')) && (getIncludeBonusClick() == 'Y')); } // END - if // Return cache @@ -567,7 +567,7 @@ function getIncludeBonusLogin () { // Is there cache? if (!isset($GLOBALS[__FUNCTION__])) { // Determine it - $GLOBALS[__FUNCTION__] = getConfig('include_bonus_login'); + $GLOBALS[__FUNCTION__] = ((isConfigEntrySet('include_bonus_login')) && getConfig('include_bonus_login')); } // END - if // Return cache @@ -579,7 +579,7 @@ function isIncludeBonusLoginEnabled () { // Is there cache? if (!isset($GLOBALS[__FUNCTION__])) { // Determine it - $GLOBALS[__FUNCTION__] = (getIncludeBonusLogin() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isConfigEntrySet('include_bonus_login')) && (getIncludeBonusLogin() == 'Y')); } // END - if // Return cache @@ -603,7 +603,7 @@ function isIncludeBonusOrderEnabled () { // Is there cache? if (!isset($GLOBALS[__FUNCTION__])) { // Determine it - $GLOBALS[__FUNCTION__] = (getIncludeBonusOrder() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isConfigEntrySet('include_bonus_order')) && (getIncludeBonusOrder() == 'Y')); } // END - if // Return cache @@ -627,7 +627,7 @@ function isIncludeBonusRefEnabled () { // Is there cache? if (!isset($GLOBALS[__FUNCTION__])) { // Determine it - $GLOBALS[__FUNCTION__] = (getIncludeBonusRef() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isConfigEntrySet('include_bonus_ref')) && (getIncludeBonusRef() == 'Y')); } // END - if // Return cache @@ -651,7 +651,7 @@ function isIncludeBonusStatsEnabled () { // Is there cache? if (!isset($GLOBALS[__FUNCTION__])) { // Determine it - $GLOBALS[__FUNCTION__] = (getIncludeBonusStats() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isConfigEntrySet('include_bonus_stats')) && (getIncludeBonusStats() == 'Y')); } // END - if // Return cache diff --git a/inc/libs/maintenance_functions.php b/inc/libs/maintenance_functions.php index 2d427c38d2..e9110d9abb 100644 --- a/inc/libs/maintenance_functions.php +++ b/inc/libs/maintenance_functions.php @@ -61,7 +61,7 @@ function isMaintenanceEnabled () { // Is the cache entry set if (!isset($GLOBALS[__FUNCTION__])) { // No, so determine it - $GLOBALS[__FUNCTION__] = (getMaintenance() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isConfigEntrySet('maintenance')) && (getMaintenance() == 'Y')); } // END - if // Return cache diff --git a/inc/libs/surfbar_functions.php b/inc/libs/surfbar_functions.php index 0f6bf029a8..3acbc7c4d9 100644 --- a/inc/libs/surfbar_functions.php +++ b/inc/libs/surfbar_functions.php @@ -2001,7 +2001,7 @@ function isSurfbarAutoStartEnabled () { // Is there cache? if (!isset($GLOBALS[__FUNCTION__])) { // Determine it - $GLOBALS[__FUNCTION__] = (getSurfbarAutoStart() == 'Y'); + $GLOBALS[__FUNCTION__] = ((isConfigEntry('surfbar_auto_start')) && (getSurfbarAutoStart() == 'Y')); } // END - if // Return cache diff --git a/inc/libs/task_functions.php b/inc/libs/task_functions.php index d2ff048c90..d7eda64402 100644 --- a/inc/libs/task_functions.php +++ b/inc/libs/task_functions.php @@ -331,7 +331,7 @@ ORDER BY // Both extensions must be there if ((isExtensionInstalledAndNewer('bonus', '0.2.3')) && (isExtensionActive('user'))) { // Get more columns - $add = runFilterChain('add_bonus_points_user_columns', ''); + $add = trim(runFilterChain('add_bonus_points_user_columns', '')); // Active rallye, so add more point columns, if not empty $pointsColumns = ''; @@ -348,7 +348,10 @@ ORDER BY $lastOnline = ' AND (UNIX_TIMESTAMP() - `last_online`) < {?ap_inactive_since?}'; } // END - if - addSql("SELECT + // Is it empty? + if (!empty($ointsColumns)) { + // No, then add it + addSql("SELECT " . $pointsColumns . " AS `points` FROM `{?_MYSQL_PREFIX?}_user_data` @@ -359,10 +362,11 @@ WHERE ORDER BY `points` DESC, `userid` ASC"); - $WHATs[] = 'list_bonus'; - $DESCRs[] = '{--ADMIN_TASK_LIST_BONUS--}'; - $TITLEs[] = '{--ADMIN_TASK_LIST_BONUS_TITLE--}'; - } + $WHATs[] = 'list_bonus'; + $DESCRs[] = '{--ADMIN_TASK_LIST_BONUS--}'; + $TITLEs[] = '{--ADMIN_TASK_LIST_BONUS_TITLE--}'; + } // END - if + } // END - if // Again both extensions must be there if ((isExtensionInstalledAndNewer('beg', '0.1.2')) && (isExtensionActive('user'))) { diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index 9360b73c8a..078108d8f4 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -635,9 +635,9 @@ function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement $result = FALSE; if ($alwaysAdd === FALSE) { if (!empty($whereStatement)) { - $result = sqlQuery("SELECT * FROM `{?_MYSQL_PREFIX?}" . $tableName . "` WHERE " . $whereStatement . " LIMIT 1", __FUNCTION__, __LINE__); + $result = sqlQuery('SELECT * FROM `{?_MYSQL_PREFIX?}' . $tableName . '` WHERE ' . $whereStatement . ' LIMIT 1', __FUNCTION__, __LINE__); } else { - $result = sqlQuery("SELECT * FROM `{?_MYSQL_PREFIX?}" . $tableName . "` LIMIT 1", __FUNCTION__, __LINE__); + $result = sqlQuery('SELECT * FROM `{?_MYSQL_PREFIX?}' . $tableName . '` LIMIT 1', __FUNCTION__, __LINE__); } } // END - if @@ -646,7 +646,7 @@ function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement $updatedData = implode(', ', $tableData); // Generate SQL string - $sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}%s` SET %s WHERE %s LIMIT 1", + $sql = sprintf('UPDATE `{?_MYSQL_PREFIX?}%s` SET %s WHERE %s LIMIT 1', $tableName, $updatedData, $whereStatement @@ -666,7 +666,7 @@ function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement $values = implode(', ' , $values); // Generate SQL string - $sql = sprintf("INSERT INTO `{?_MYSQL_PREFIX?}%s` (%s) VALUES (%s)", + $sql = sprintf('INSERT INTO `{?_MYSQL_PREFIX?}%s` (%s) VALUES (%s)', $tableName, $keys, $values @@ -698,7 +698,7 @@ function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement // Generate a selection box function adminAddMenuSelectionBox ($menu, $type, $name, $default = '') { // Open the requested menu directory - $menuArray = getArrayFromDirectory(sprintf("inc/modules/%s/", $menu), $type . '-', FALSE, FALSE); + $menuArray = getArrayFromDirectory(sprintf('inc/modules/%s/', $menu), $type . '-', FALSE, FALSE); // Init the selection box $OUT = ' - + -- 2.39.2